Menu
I couldn’t walk five feet at RSA recently without someone asking me about ChatGPT. The questions all boiled down to “ChatGPT—is it bad, really bad, or just plain horrible?” ChatGPT is all of these things, and at the same time it is none of them. ChatGPT is only what we make of it. Like any […]
READ MOREMeta Platforms, formerly Facebook, was recently hit with a massive €1.2 billion fine for violating General Data Protection Regulation (GDPR) requirements. The unprecedented punitive measure comes as Meta is found guilty of transferring and storing personal data of European Union users in the United States. This event underscores the criticality of secure code and the […]
In the ever-evolving landscape of cybersecurity, zero-day vulnerabilities tend to steal the limelight. These newly discovered vulnerabilities are often seen as the epitome of sophisticated cyberattacks, capturing headlines and fueling the imagination of both the public and cybersecurity professionals. However, the reality is that while zero-day vulnerabilities may be intriguing, the majority of successful cyberattacks […]
On March 21, the Biden administration directed US companies to “harden your cyber defenses immediately.” With these new federal guidelines for application security, the White House urged software developers to deploy “modern tools that can detect known and potential vulnerabilities” in their custom and open-source software (OSS). Learn more about how ShiftLeft can help.
How to integrate security into the SDLC successfully The world has an insecure software problem, which is why 84% of cyber attacks focus on the application layer. Two major factors have contributed to the writing of insecure code — cumbersome security analysis tools and a strong drive to reach the market quickly. For things to […]
We review the different compliance standards that apply to the software development life cycle (SDLC) along with best practices for meeting them. It’s no surprise that developers are being asked to become security people. According to the 2021 Verizon Data Breach Investigation Report, basic web application attacks were the second most-used patterns found for breaches […]
On March 21, the Biden administration directed US companies to “harden your cyber defenses immediately.” With these new federal guidelines for application security, the White House urged software developers to deploy “modern tools that can detect known and potential vulnerabilities” in their custom and open-source software (OSS). Learn more about how ShiftLeft can help.
Improper Restriction of XML External Entity Reference When the Executive Order on Improving the Nation’s Cybersecurity (Executive Order) was released in May 2021, it came with some very short deadlines for agencies. Most of the Executive Order’s timelines were in the 45-, 60-, and 90-day range. With that in mind, taking a look at the […]
What every developer should do before they start writing code I talk a lot about finding and fixing vulnerabilities on my blog. But what can you do to prevent vulnerabilities way before they happen? Today, let’s talk about the first step you can take towards a more secure application. A lot of times we think […]
On March 21, the Biden administration directed US companies to “harden your cyber defenses immediately.” With these new federal guidelines for application security, the White House urged software developers to deploy “modern tools that can detect known and potential vulnerabilities” in their custom and open-source software (OSS). Learn more about how ShiftLeft can help.
How SQL injection and command injection happen in APIs You’ve probably heard of the OWASP top ten or the top ten vulnerabilities that threaten web applications. OWASP also periodically selects a list of top ten vulnerabilities that threaten APIs, called the OWASP API top ten. The current API top ten are Broken Object Level Authorization, […]
© 2023 Qwiet. All rights reserved.
